void JIT::compileOpCallSlowCase(Instruction* instruction, Vector<SlowCaseEntry>::iterator& iter, unsigned callLinkInfoIndex, OpcodeID opcodeID)
{
int argCount = instruction[2].u.operand;
int registerOffset = instruction[3].u.operand;
linkSlowCase(iter);
// Fast check for JS function.
Jump callLinkFailNotObject = emitJumpIfNotJSCell(regT0);
Jump callLinkFailNotJSFunction = branchPtr(NotEqual, Address(regT0), TrustedImmPtr(m_globalData->jsFunctionVPtr));
// Speculatively roll the callframe, assuming argCount will match the arity.
storePtr(callFrameRegister, Address(callFrameRegister, (RegisterFile::CallerFrame + registerOffset) * static_cast<int>(sizeof(Register))));
addPtr(Imm32(registerOffset * static_cast<int>(sizeof(Register))), callFrameRegister);
move(Imm32(argCount), regT1);
m_callStructureStubCompilationInfo[callLinkInfoIndex].callReturnLocation = emitNakedCall(opcodeID == op_construct ? m_globalData->jitStubs->ctiVirtualConstructLink() : m_globalData->jitStubs->ctiVirtualCallLink());
// Done! - return back to the hot path.
ASSERT(OPCODE_LENGTH(op_call) == OPCODE_LENGTH(op_call_eval));
ASSERT(OPCODE_LENGTH(op_call) == OPCODE_LENGTH(op_construct));
emitJumpSlowToHot(jump(), OPCODE_LENGTH(op_call));
// This handles host functions
callLinkFailNotObject.link(this);
callLinkFailNotJSFunction.link(this);
JITStubCall stubCall(this, opcodeID == op_construct ? cti_op_construct_NotJSConstruct : cti_op_call_NotJSFunction);
stubCall.addArgument(regT0);
stubCall.addArgument(JIT::Imm32(registerOffset));
stubCall.addArgument(JIT::Imm32(argCount));
stubCall.call();
sampleCodeBlock(m_codeBlock);
}
void JIT::compileOpCall(OpcodeID opcodeID, Instruction* instruction, unsigned)
{
int callee = instruction[1].u.operand;
int argCount = instruction[2].u.operand;
int registerOffset = instruction[3].u.operand;
// Handle eval
Jump wasEval;
if (opcodeID == op_call_eval) {
JITStubCall stubCall(this, cti_op_call_eval);
stubCall.addArgument(callee, regT0);
stubCall.addArgument(JIT::Imm32(registerOffset));
stubCall.addArgument(JIT::Imm32(argCount));
stubCall.call();
wasEval = branchPtr(NotEqual, regT0, TrustedImmPtr(JSValue::encode(JSValue())));
}
emitGetVirtualRegister(callee, regT0);
// Check for JSFunctions.
emitJumpSlowCaseIfNotJSCell(regT0);
addSlowCase(branchPtr(NotEqual, Address(regT0), TrustedImmPtr(m_globalData->jsFunctionVPtr)));
// Speculatively roll the callframe, assuming argCount will match the arity.
storePtr(callFrameRegister, Address(callFrameRegister, (RegisterFile::CallerFrame + registerOffset) * static_cast<int>(sizeof(Register))));
addPtr(Imm32(registerOffset * static_cast<int>(sizeof(Register))), callFrameRegister);
move(Imm32(argCount), regT1);
emitNakedCall(opcodeID == op_construct ? m_globalData->jitStubs->ctiVirtualConstruct() : m_globalData->jitStubs->ctiVirtualCall());
if (opcodeID == op_call_eval)
wasEval.link(this);
sampleCodeBlock(m_codeBlock);
}
void JIT::emitSlow_op_div(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
unsigned result = currentInstruction[1].u.operand;
unsigned op1 = currentInstruction[2].u.operand;
unsigned op2 = currentInstruction[3].u.operand;
OperandTypes types = OperandTypes::fromInt(currentInstruction[4].u.operand);
if (types.first().definitelyIsNumber() && types.second().definitelyIsNumber()) {
#ifndef NDEBUG
breakpoint();
#endif
return;
}
if (!isOperandConstantImmediateDouble(op1) && !isOperandConstantImmediateInt(op1)) {
if (!types.first().definitelyIsNumber())
linkSlowCase(iter);
}
if (!isOperandConstantImmediateDouble(op2) && !isOperandConstantImmediateInt(op2)) {
if (!types.second().definitelyIsNumber())
linkSlowCase(iter);
}
// There is an extra slow case for (op1 * -N) or (-N * op2), to check for 0 since this should produce a result of -0.
JITStubCall stubCall(this, cti_op_div);
stubCall.addArgument(op1, regT2);
stubCall.addArgument(op2, regT2);
stubCall.call(result);
}
void JIT::emitSlow_op_rshift(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
unsigned result = currentInstruction[1].u.operand;
unsigned op1 = currentInstruction[2].u.operand;
unsigned op2 = currentInstruction[3].u.operand;
JITStubCall stubCall(this, cti_op_rshift);
if (isOperandConstantImmediateInt(op2)) {
linkSlowCase(iter);
stubCall.addArgument(regT0);
stubCall.addArgument(op2, regT2);
} else {
if (supportsFloatingPointTruncate()) {
linkSlowCase(iter);
linkSlowCase(iter);
linkSlowCase(iter);
// We're reloading op1 to regT0 as we can no longer guarantee that
// we have not munged the operand. It may have already been shifted
// correctly, but it still will not have been tagged.
stubCall.addArgument(op1, regT0);
stubCall.addArgument(regT2);
} else {
linkSlowCase(iter);
linkSlowCase(iter);
stubCall.addArgument(regT0);
stubCall.addArgument(regT2);
}
}
stubCall.call(result);
}
void JIT::emit_op_add(Instruction* currentInstruction)
{
unsigned result = currentInstruction[1].u.operand;
unsigned op1 = currentInstruction[2].u.operand;
unsigned op2 = currentInstruction[3].u.operand;
OperandTypes types = OperandTypes::fromInt(currentInstruction[4].u.operand);
if (!types.first().mightBeNumber() || !types.second().mightBeNumber()) {
JITStubCall stubCall(this, cti_op_add);
stubCall.addArgument(op1, regT2);
stubCall.addArgument(op2, regT2);
stubCall.call(result);
return;
}
if (isOperandConstantImmediateInt(op1)) {
emitGetVirtualRegister(op2, regT0);
emitJumpSlowCaseIfNotImmediateInteger(regT0);
addSlowCase(branchAdd32(Overflow, Imm32(getConstantOperandImmediateInt(op1)), regT0));
emitFastArithIntToImmNoCheck(regT0, regT0);
} else if (isOperandConstantImmediateInt(op2)) {
emitGetVirtualRegister(op1, regT0);
emitJumpSlowCaseIfNotImmediateInteger(regT0);
addSlowCase(branchAdd32(Overflow, Imm32(getConstantOperandImmediateInt(op2)), regT0));
emitFastArithIntToImmNoCheck(regT0, regT0);
} else
compileBinaryArithOp(op_add, result, op1, op2, types);
emitPutVirtualRegister(result);
}
void JIT::compileLoadVarargs(Instruction* instruction)
{
int thisValue = instruction[2].u.operand;
int arguments = instruction[3].u.operand;
int firstFreeRegister = instruction[4].u.operand;
killLastResultRegister();
JumpList slowCase;
JumpList end;
if (m_codeBlock->usesArguments() && arguments == m_codeBlock->argumentsRegister()) {
emitGetVirtualRegister(arguments, regT0);
slowCase.append(branchPtr(NotEqual, regT0, TrustedImmPtr(JSValue::encode(JSValue()))));
emitGetFromCallFrameHeader32(RegisterFile::ArgumentCount, regT0);
slowCase.append(branch32(Above, regT0, TrustedImm32(Arguments::MaxArguments + 1)));
// regT0: argumentCountIncludingThis
move(regT0, regT1);
add32(TrustedImm32(firstFreeRegister + RegisterFile::CallFrameHeaderSize), regT1);
lshift32(TrustedImm32(3), regT1);
addPtr(callFrameRegister, regT1);
// regT1: newCallFrame
slowCase.append(branchPtr(Below, AbsoluteAddress(m_globalData->interpreter->registerFile().addressOfEnd()), regT1));
// Initialize ArgumentCount.
emitFastArithReTagImmediate(regT0, regT2);
storePtr(regT2, Address(regT1, RegisterFile::ArgumentCount * static_cast<int>(sizeof(Register))));
// Initialize 'this'.
emitGetVirtualRegister(thisValue, regT2);
storePtr(regT2, Address(regT1, CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register))));
// Copy arguments.
neg32(regT0);
signExtend32ToPtr(regT0, regT0);
end.append(branchAddPtr(Zero, Imm32(1), regT0));
// regT0: -argumentCount
Label copyLoop = label();
loadPtr(BaseIndex(callFrameRegister, regT0, TimesEight, CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register))), regT2);
storePtr(regT2, BaseIndex(regT1, regT0, TimesEight, CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register))));
branchAddPtr(NonZero, Imm32(1), regT0).linkTo(copyLoop, this);
end.append(jump());
}
if (m_codeBlock->usesArguments() && arguments == m_codeBlock->argumentsRegister())
slowCase.link(this);
JITStubCall stubCall(this, cti_op_load_varargs);
stubCall.addArgument(thisValue, regT0);
stubCall.addArgument(arguments, regT0);
stubCall.addArgument(Imm32(firstFreeRegister));
stubCall.call(regT1);
if (m_codeBlock->usesArguments() && arguments == m_codeBlock->argumentsRegister())
end.link(this);
}
void JIT::compileLoadVarargs(Instruction* instruction)
{
int thisValue = instruction[2].u.operand;
int arguments = instruction[3].u.operand;
int firstFreeRegister = instruction[4].u.operand;
JumpList slowCase;
JumpList end;
if (m_codeBlock->usesArguments() && arguments == m_codeBlock->argumentsRegister()) {
emitLoadTag(arguments, regT1);
slowCase.append(branch32(NotEqual, regT1, TrustedImm32(JSValue::EmptyValueTag)));
load32(payloadFor(RegisterFile::ArgumentCount), regT2);
slowCase.append(branch32(Above, regT2, TrustedImm32(Arguments::MaxArguments + 1)));
// regT2: argumentCountIncludingThis
move(regT2, regT3);
add32(TrustedImm32(firstFreeRegister + RegisterFile::CallFrameHeaderSize), regT3);
lshift32(TrustedImm32(3), regT3);
addPtr(callFrameRegister, regT3);
// regT3: newCallFrame
slowCase.append(branchPtr(Below, AbsoluteAddress(m_globalData->interpreter->registerFile().addressOfEnd()), regT3));
// Initialize ArgumentCount.
store32(regT2, payloadFor(RegisterFile::ArgumentCount, regT3));
// Initialize 'this'.
emitLoad(thisValue, regT1, regT0);
store32(regT0, Address(regT3, OBJECT_OFFSETOF(JSValue, u.asBits.payload) + (CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))));
store32(regT1, Address(regT3, OBJECT_OFFSETOF(JSValue, u.asBits.tag) + (CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))));
// Copy arguments.
neg32(regT2);
end.append(branchAdd32(Zero, TrustedImm32(1), regT2));
// regT2: -argumentCount;
Label copyLoop = label();
load32(BaseIndex(callFrameRegister, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload) +(CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))), regT0);
load32(BaseIndex(callFrameRegister, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag) +(CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))), regT1);
store32(regT0, BaseIndex(regT3, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload) +(CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))));
store32(regT1, BaseIndex(regT3, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag) +(CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))));
branchAdd32(NonZero, TrustedImm32(1), regT2).linkTo(copyLoop, this);
end.append(jump());
}
if (m_codeBlock->usesArguments() && arguments == m_codeBlock->argumentsRegister())
slowCase.link(this);
JITStubCall stubCall(this, cti_op_load_varargs);
stubCall.addArgument(thisValue);
stubCall.addArgument(arguments);
stubCall.addArgument(Imm32(firstFreeRegister));
stubCall.call(regT3);
if (m_codeBlock->usesArguments() && arguments == m_codeBlock->argumentsRegister())
end.link(this);
}
void JIT::compileOpCall(OpcodeID opcodeID, Instruction* instruction, unsigned callLinkInfoIndex)
{
int callee = instruction[1].u.operand;
int argCount = instruction[2].u.operand;
int registerOffset = instruction[3].u.operand;
Jump wasEval;
if (opcodeID == op_call_eval) {
JITStubCall stubCall(this, cti_op_call_eval);
stubCall.addArgument(callee);
stubCall.addArgument(JIT::Imm32(registerOffset));
stubCall.addArgument(JIT::Imm32(argCount));
stubCall.call();
wasEval = branch32(NotEqual, regT1, TrustedImm32(JSValue::EmptyValueTag));
}
emitLoad(callee, regT1, regT0);
DataLabelPtr addressOfLinkedFunctionCheck;
BEGIN_UNINTERRUPTED_SEQUENCE(sequenceOpCall);
Jump jumpToSlow = branchPtrWithPatch(NotEqual, regT0, addressOfLinkedFunctionCheck, TrustedImmPtr(0));
END_UNINTERRUPTED_SEQUENCE(sequenceOpCall);
addSlowCase(jumpToSlow);
ASSERT_JIT_OFFSET(differenceBetween(addressOfLinkedFunctionCheck, jumpToSlow), patchOffsetOpCallCompareToJump);
ASSERT(m_callStructureStubCompilationInfo.size() == callLinkInfoIndex);
m_callStructureStubCompilationInfo.append(StructureStubCompilationInfo());
m_callStructureStubCompilationInfo[callLinkInfoIndex].hotPathBegin = addressOfLinkedFunctionCheck;
m_callStructureStubCompilationInfo[callLinkInfoIndex].isCall = opcodeID != op_construct;
m_callStructureStubCompilationInfo[callLinkInfoIndex].bytecodeIndex = m_bytecodeOffset;
addSlowCase(branch32(NotEqual, regT1, TrustedImm32(JSValue::CellTag)));
// The following is the fast case, only used whan a callee can be linked.
// Fast version of stack frame initialization, directly relative to edi.
// Note that this omits to set up RegisterFile::CodeBlock, which is set in the callee
loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_scopeChain)), regT2);
store32(TrustedImm32(JSValue::Int32Tag), tagFor(registerOffset + RegisterFile::ArgumentCount));
store32(Imm32(argCount), payloadFor(registerOffset + RegisterFile::ArgumentCount));
storePtr(callFrameRegister, payloadFor(RegisterFile::CallerFrame + registerOffset, callFrameRegister));
emitStore(registerOffset + RegisterFile::Callee, regT1, regT0);
store32(TrustedImm32(JSValue::CellTag), tagFor(registerOffset + RegisterFile::ScopeChain));
store32(regT2, payloadFor(registerOffset + RegisterFile::ScopeChain));
addPtr(Imm32(registerOffset * sizeof(Register)), callFrameRegister);
// Call to the callee
m_callStructureStubCompilationInfo[callLinkInfoIndex].hotPathOther = emitNakedCall();
if (opcodeID == op_call_eval)
wasEval.link(this);
sampleCodeBlock(m_codeBlock);
}
void JIT::emitSlow_op_urshift(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
unsigned dst = currentInstruction[1].u.operand;
unsigned op1 = currentInstruction[2].u.operand;
unsigned op2 = currentInstruction[3].u.operand;
if (isOperandConstantImmediateInt(op2)) {
int shift = getConstantOperand(op2).asInt32();
// op1 = regT0
linkSlowCase(iter); // int32 check
if (supportsFloatingPointTruncate()) {
JumpList failures;
failures.append(emitJumpIfNotImmediateNumber(regT0)); // op1 is not a double
addPtr(tagTypeNumberRegister, regT0);
movePtrToDouble(regT0, fpRegT0);
failures.append(branchTruncateDoubleToInt32(fpRegT0, regT0));
if (shift)
urshift32(Imm32(shift & 0x1f), regT0);
if (shift < 0 || !(shift & 31))
failures.append(branch32(LessThan, regT0, Imm32(0)));
emitFastArithReTagImmediate(regT0, regT0);
emitPutVirtualRegister(dst, regT0);
emitJumpSlowToHot(jump(), OPCODE_LENGTH(op_rshift));
failures.link(this);
}
if (shift < 0 || !(shift & 31))
linkSlowCase(iter); // failed to box in hot path
} else {
// op1 = regT0
// op2 = regT1
if (!isOperandConstantImmediateInt(op1)) {
linkSlowCase(iter); // int32 check -- op1 is not an int
if (supportsFloatingPointTruncate()) {
JumpList failures;
failures.append(emitJumpIfNotImmediateNumber(regT0)); // op1 is not a double
addPtr(tagTypeNumberRegister, regT0);
movePtrToDouble(regT0, fpRegT0);
failures.append(branchTruncateDoubleToInt32(fpRegT0, regT0));
failures.append(emitJumpIfNotImmediateInteger(regT1)); // op2 is not an int
emitFastArithImmToInt(regT1);
urshift32(regT1, regT0);
failures.append(branch32(LessThan, regT0, Imm32(0)));
emitFastArithReTagImmediate(regT0, regT0);
emitPutVirtualRegister(dst, regT0);
emitJumpSlowToHot(jump(), OPCODE_LENGTH(op_rshift));
failures.link(this);
}
}
linkSlowCase(iter); // int32 check - op2 is not an int
linkSlowCase(iter); // Can't represent unsigned result as an immediate
}
JITStubCall stubCall(this, cti_op_urshift);
stubCall.addArgument(op1, regT0);
stubCall.addArgument(op2, regT1);
stubCall.call(dst);
}
void JIT::compileCallEval()
{
JITStubCall stubCall(this, cti_op_call_eval); // Initializes ScopeChain; ReturnPC; CodeBlock.
stubCall.call();
addSlowCase(branch64(Equal, regT0, TrustedImm64(JSValue::encode(JSValue()))));
emitGetFromCallFrameHeaderPtr(JSStack::CallerFrame, callFrameRegister);
sampleCodeBlock(m_codeBlock);
}
void JIT::compileCallEval()
{
JITStubCall stubCall(this, cti_op_call_eval); // Initializes ScopeChain; ReturnPC; CodeBlock.
stubCall.call();
addSlowCase(branch32(Equal, regT1, TrustedImm32(JSValue::EmptyValueTag)));
emitGetFromCallFrameHeaderPtr(RegisterFile::CallerFrame, callFrameRegister);
sampleCodeBlock(m_codeBlock);
}
void JIT::compileOpCall(OpcodeID opcodeID, Instruction* instruction, unsigned callLinkInfoIndex)
{
int callee = instruction[1].u.operand;
int argCount = instruction[2].u.operand;
int registerOffset = instruction[3].u.operand;
// Handle eval
Jump wasEval;
if (opcodeID == op_call_eval) {
JITStubCall stubCall(this, cti_op_call_eval);
stubCall.addArgument(callee, regT0);
stubCall.addArgument(JIT::Imm32(registerOffset));
stubCall.addArgument(JIT::Imm32(argCount));
stubCall.call();
wasEval = branchPtr(NotEqual, regT0, TrustedImmPtr(JSValue::encode(JSValue())));
}
// This plants a check for a cached JSFunction value, so we can plant a fast link to the callee.
// This deliberately leaves the callee in ecx, used when setting up the stack frame below
emitGetVirtualRegister(callee, regT0);
DataLabelPtr addressOfLinkedFunctionCheck;
BEGIN_UNINTERRUPTED_SEQUENCE(sequenceOpCall);
Jump jumpToSlow = branchPtrWithPatch(NotEqual, regT0, addressOfLinkedFunctionCheck, TrustedImmPtr(JSValue::encode(JSValue())));
END_UNINTERRUPTED_SEQUENCE(sequenceOpCall);
addSlowCase(jumpToSlow);
ASSERT_JIT_OFFSET(differenceBetween(addressOfLinkedFunctionCheck, jumpToSlow), patchOffsetOpCallCompareToJump);
m_callStructureStubCompilationInfo[callLinkInfoIndex].hotPathBegin = addressOfLinkedFunctionCheck;
m_callStructureStubCompilationInfo[callLinkInfoIndex].isCall = opcodeID != op_construct;
// The following is the fast case, only used whan a callee can be linked.
// Fast version of stack frame initialization, directly relative to edi.
// Note that this omits to set up RegisterFile::CodeBlock, which is set in the callee
loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_scopeChain)), regT1); // newScopeChain
store32(TrustedImm32(Int32Tag), intTagFor(registerOffset + RegisterFile::ArgumentCount));
store32(Imm32(argCount), intPayloadFor(registerOffset + RegisterFile::ArgumentCount));
storePtr(callFrameRegister, Address(callFrameRegister, (registerOffset + RegisterFile::CallerFrame) * static_cast<int>(sizeof(Register))));
storePtr(regT0, Address(callFrameRegister, (registerOffset + RegisterFile::Callee) * static_cast<int>(sizeof(Register))));
storePtr(regT1, Address(callFrameRegister, (registerOffset + RegisterFile::ScopeChain) * static_cast<int>(sizeof(Register))));
addPtr(Imm32(registerOffset * sizeof(Register)), callFrameRegister);
// Call to the callee
m_callStructureStubCompilationInfo[callLinkInfoIndex].hotPathOther = emitNakedCall();
if (opcodeID == op_call_eval)
wasEval.link(this);
sampleCodeBlock(m_codeBlock);
}
void JIT::emit_op_load_varargs(Instruction* currentInstruction)
{
int argCountDst = currentInstruction[1].u.operand;
int argsOffset = currentInstruction[2].u.operand;
JITStubCall stubCall(this, cti_op_load_varargs);
stubCall.addArgument(Imm32(argsOffset));
stubCall.call();
// Stores a naked int32 in the register file.
store32(returnValueRegister, Address(callFrameRegister, argCountDst * sizeof(Register)));
}
void JIT::emitSlow_op_mod(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
unsigned result = currentInstruction[1].u.operand;
linkSlowCase(iter);
linkSlowCase(iter);
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_mod);
stubCall.addArgument(regT0);
stubCall.addArgument(regT2);
stubCall.call(result);
}
void JIT::emitSlow_op_pre_dec(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
unsigned srcDst = currentInstruction[1].u.operand;
Jump notImm = getSlowCase(iter);
linkSlowCase(iter);
emitGetVirtualRegister(srcDst, regT0);
notImm.link(this);
JITStubCall stubCall(this, cti_op_pre_dec);
stubCall.addArgument(regT0);
stubCall.call(srcDst);
}
void JIT::emitSlow_op_post_dec(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
unsigned result = currentInstruction[1].u.operand;
unsigned srcDst = currentInstruction[2].u.operand;
linkSlowCase(iter);
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_post_dec);
stubCall.addArgument(regT0);
stubCall.addArgument(Imm32(srcDst));
stubCall.call(result);
}
void JIT::compileOpCallVarargsSlowCase(Instruction*, Vector<SlowCaseEntry>::iterator& iter)
{
linkSlowCase(iter);
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_call_NotJSFunction);
stubCall.addArgument(regT0);
stubCall.addArgument(regT2);
stubCall.addArgument(regT1);
stubCall.call();
sampleCodeBlock(m_codeBlock);
}
void JIT::emitSlow_op_bitand(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
unsigned result = currentInstruction[1].u.operand;
unsigned op1 = currentInstruction[2].u.operand;
unsigned op2 = currentInstruction[3].u.operand;
linkSlowCase(iter);
if (isOperandConstantImmediateInt(op1)) {
JITStubCall stubCall(this, cti_op_bitand);
stubCall.addArgument(op1, regT2);
stubCall.addArgument(regT0);
stubCall.call(result);
} else if (isOperandConstantImmediateInt(op2)) {
JITStubCall stubCall(this, cti_op_bitand);
stubCall.addArgument(regT0);
stubCall.addArgument(op2, regT2);
stubCall.call(result);
} else {
JITStubCall stubCall(this, cti_op_bitand);
stubCall.addArgument(op1, regT2);
stubCall.addArgument(regT1);
stubCall.call(result);
}
}
void JIT::emitSlow_op_lshift(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
unsigned result = currentInstruction[1].u.operand;
unsigned op1 = currentInstruction[2].u.operand;
unsigned op2 = currentInstruction[3].u.operand;
UNUSED_PARAM(op1);
UNUSED_PARAM(op2);
linkSlowCase(iter);
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_lshift);
stubCall.addArgument(regT0);
stubCall.addArgument(regT2);
stubCall.call(result);
}
void JIT::compileOpCallVarargsSlowCase(Instruction* instruction, Vector<SlowCaseEntry>::iterator& iter)
{
int callee = instruction[1].u.operand;
linkSlowCaseIfNotJSCell(iter, callee);
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_call_NotJSFunction);
stubCall.addArgument(regT1, regT0);
stubCall.addArgument(regT3);
stubCall.addArgument(regT2);
stubCall.call();
sampleCodeBlock(m_codeBlock);
}
void JIT::compileOpCallSlowCase(Instruction* instruction, Vector<SlowCaseEntry>::iterator& iter, unsigned, OpcodeID opcodeID)
{
int argCount = instruction[2].u.operand;
int registerOffset = instruction[3].u.operand;
linkSlowCase(iter);
linkSlowCase(iter);
JITStubCall stubCall(this, opcodeID == op_construct ? cti_op_construct_NotJSConstruct : cti_op_call_NotJSFunction);
stubCall.addArgument(regT0);
stubCall.addArgument(JIT::Imm32(registerOffset));
stubCall.addArgument(JIT::Imm32(argCount));
stubCall.call();
sampleCodeBlock(m_codeBlock);
}
void JIT::emitSlow_op_mod(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
{
#if ENABLE(JIT_USE_SOFT_MODULO)
unsigned result = currentInstruction[1].u.operand;
unsigned op1 = currentInstruction[2].u.operand;
unsigned op2 = currentInstruction[3].u.operand;
linkSlowCase(iter);
linkSlowCase(iter);
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_mod);
stubCall.addArgument(op1, regT2);
stubCall.addArgument(op2, regT2);
stubCall.call(result);
#else
ASSERT_NOT_REACHED();
#endif
}
void JIT::compileOpCallVarargsSlowCase(Instruction* instruction, Vector<SlowCaseEntry>::iterator& iter)
{
int callee = instruction[1].u.operand;
linkSlowCaseIfNotJSCell(iter, callee);
Jump notCell = jump();
linkSlowCase(iter);
move(TrustedImm32(JSValue::CellTag), regT1); // Need to restore cell tag in regT1 because it was clobbered.
notCell.link(this);
JITStubCall stubCall(this, cti_op_call_NotJSFunction);
stubCall.addArgument(regT1, regT0);
stubCall.addArgument(regT3);
stubCall.addArgument(regT2);
stubCall.call();
sampleCodeBlock(m_codeBlock);
}
void JIT::emit_op_mod(Instruction* currentInstruction)
{
unsigned result = currentInstruction[1].u.operand;
unsigned op1 = currentInstruction[2].u.operand;
unsigned op2 = currentInstruction[3].u.operand;
#if ENABLE(JIT_USE_SOFT_MODULO)
emitGetVirtualRegisters(op1, regT0, op2, regT2);
emitJumpSlowCaseIfNotImmediateInteger(regT0);
emitJumpSlowCaseIfNotImmediateInteger(regT2);
addSlowCase(branch32(Equal, regT2, Imm32(1)));
emitNakedCall(m_globalData->jitStubs->ctiSoftModulo());
emitPutVirtualRegister(result, regT0);
#else
JITStubCall stubCall(this, cti_op_mod);
stubCall.addArgument(op1, regT2);
stubCall.addArgument(op2, regT2);
stubCall.call(result);
#endif
}
void JIT::emitSlow_op_jlesseq(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter, bool invert)
{
unsigned op1 = currentInstruction[1].u.operand;
unsigned op2 = currentInstruction[2].u.operand;
unsigned target = currentInstruction[3].u.operand;
// We generate inline code for the following cases in the slow path:
// - floating-point number to constant int immediate
// - constant int immediate to floating-point number
// - floating-point number to floating-point number.
if (isOperandConstantImmediateChar(op1) || isOperandConstantImmediateChar(op2)) {
linkSlowCase(iter);
linkSlowCase(iter);
linkSlowCase(iter);
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_jlesseq);
stubCall.addArgument(op1, regT0);
stubCall.addArgument(op2, regT1);
stubCall.call();
emitJumpSlowToHot(branchTest32(invert ? Zero : NonZero, regT0), target);
return;
}
if (isOperandConstantImmediateInt(op2)) {
linkSlowCase(iter);
if (supportsFloatingPoint()) {
Jump fail1 = emitJumpIfNotImmediateNumber(regT0);
addPtr(tagTypeNumberRegister, regT0);
movePtrToDouble(regT0, fpRegT0);
int32_t op2imm = getConstantOperand(op2).asInt32();;
move(Imm32(op2imm), regT1);
convertInt32ToDouble(regT1, fpRegT1);
emitJumpSlowToHot(branchDouble(invert ? DoubleLessThanOrUnordered : DoubleGreaterThanOrEqual, fpRegT1, fpRegT0), target);
emitJumpSlowToHot(jump(), OPCODE_LENGTH(op_jnlesseq));
fail1.link(this);
}
JITStubCall stubCall(this, cti_op_jlesseq);
stubCall.addArgument(regT0);
stubCall.addArgument(op2, regT2);
stubCall.call();
emitJumpSlowToHot(branchTest32(invert ? Zero : NonZero, regT0), target);
} else if (isOperandConstantImmediateInt(op1)) {
linkSlowCase(iter);
if (supportsFloatingPoint()) {
Jump fail1 = emitJumpIfNotImmediateNumber(regT1);
addPtr(tagTypeNumberRegister, regT1);
movePtrToDouble(regT1, fpRegT1);
int32_t op1imm = getConstantOperand(op1).asInt32();;
move(Imm32(op1imm), regT0);
convertInt32ToDouble(regT0, fpRegT0);
emitJumpSlowToHot(branchDouble(invert ? DoubleLessThanOrUnordered : DoubleGreaterThanOrEqual, fpRegT1, fpRegT0), target);
emitJumpSlowToHot(jump(), OPCODE_LENGTH(op_jnlesseq));
fail1.link(this);
}
JITStubCall stubCall(this, cti_op_jlesseq);
stubCall.addArgument(op1, regT2);
stubCall.addArgument(regT1);
stubCall.call();
emitJumpSlowToHot(branchTest32(invert ? Zero : NonZero, regT0), target);
} else {
linkSlowCase(iter);
if (supportsFloatingPoint()) {
Jump fail1 = emitJumpIfNotImmediateNumber(regT0);
Jump fail2 = emitJumpIfNotImmediateNumber(regT1);
Jump fail3 = emitJumpIfImmediateInteger(regT1);
addPtr(tagTypeNumberRegister, regT0);
addPtr(tagTypeNumberRegister, regT1);
movePtrToDouble(regT0, fpRegT0);
movePtrToDouble(regT1, fpRegT1);
emitJumpSlowToHot(branchDouble(invert ? DoubleLessThanOrUnordered : DoubleGreaterThanOrEqual, fpRegT1, fpRegT0), target);
emitJumpSlowToHot(jump(), OPCODE_LENGTH(op_jnlesseq));
fail1.link(this);
fail2.link(this);
fail3.link(this);
}
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_jlesseq);
stubCall.addArgument(regT0);
stubCall.addArgument(regT1);
stubCall.call();
emitJumpSlowToHot(branchTest32(invert ? Zero : NonZero, regT0), target);
}
}
void JIT::compileBinaryArithOpSlowCase(OpcodeID opcodeID, Vector<SlowCaseEntry>::iterator& iter, unsigned result, unsigned op1, unsigned op2, OperandTypes types, bool op1HasImmediateIntFastCase, bool op2HasImmediateIntFastCase)
{
// We assume that subtracting TagTypeNumber is equivalent to adding DoubleEncodeOffset.
COMPILE_ASSERT(((JSImmediate::TagTypeNumber + JSImmediate::DoubleEncodeOffset) == 0), TagTypeNumber_PLUS_DoubleEncodeOffset_EQUALS_0);
Jump notImm1;
Jump notImm2;
if (op1HasImmediateIntFastCase) {
notImm2 = getSlowCase(iter);
} else if (op2HasImmediateIntFastCase) {
notImm1 = getSlowCase(iter);
} else {
notImm1 = getSlowCase(iter);
notImm2 = getSlowCase(iter);
}
linkSlowCase(iter); // Integer overflow case - we could handle this in JIT code, but this is likely rare.
if (opcodeID == op_mul && !op1HasImmediateIntFastCase && !op2HasImmediateIntFastCase) // op_mul has an extra slow case to handle 0 * negative number.
linkSlowCase(iter);
emitGetVirtualRegister(op1, regT0);
Label stubFunctionCall(this);
JITStubCall stubCall(this, opcodeID == op_add ? cti_op_add : opcodeID == op_sub ? cti_op_sub : cti_op_mul);
if (op1HasImmediateIntFastCase || op2HasImmediateIntFastCase) {
emitGetVirtualRegister(op1, regT0);
emitGetVirtualRegister(op2, regT1);
}
stubCall.addArgument(regT0);
stubCall.addArgument(regT1);
stubCall.call(result);
Jump end = jump();
if (op1HasImmediateIntFastCase) {
notImm2.link(this);
if (!types.second().definitelyIsNumber())
emitJumpIfNotImmediateNumber(regT0).linkTo(stubFunctionCall, this);
emitGetVirtualRegister(op1, regT1);
convertInt32ToDouble(regT1, fpRegT1);
addPtr(tagTypeNumberRegister, regT0);
movePtrToDouble(regT0, fpRegT2);
} else if (op2HasImmediateIntFastCase) {
notImm1.link(this);
if (!types.first().definitelyIsNumber())
emitJumpIfNotImmediateNumber(regT0).linkTo(stubFunctionCall, this);
emitGetVirtualRegister(op2, regT1);
convertInt32ToDouble(regT1, fpRegT1);
addPtr(tagTypeNumberRegister, regT0);
movePtrToDouble(regT0, fpRegT2);
} else {
// if we get here, eax is not an int32, edx not yet checked.
notImm1.link(this);
if (!types.first().definitelyIsNumber())
emitJumpIfNotImmediateNumber(regT0).linkTo(stubFunctionCall, this);
if (!types.second().definitelyIsNumber())
emitJumpIfNotImmediateNumber(regT1).linkTo(stubFunctionCall, this);
addPtr(tagTypeNumberRegister, regT0);
movePtrToDouble(regT0, fpRegT1);
Jump op2isDouble = emitJumpIfNotImmediateInteger(regT1);
convertInt32ToDouble(regT1, fpRegT2);
Jump op2wasInteger = jump();
// if we get here, eax IS an int32, edx is not.
notImm2.link(this);
if (!types.second().definitelyIsNumber())
emitJumpIfNotImmediateNumber(regT1).linkTo(stubFunctionCall, this);
convertInt32ToDouble(regT0, fpRegT1);
op2isDouble.link(this);
addPtr(tagTypeNumberRegister, regT1);
movePtrToDouble(regT1, fpRegT2);
op2wasInteger.link(this);
}
if (opcodeID == op_add)
addDouble(fpRegT2, fpRegT1);
else if (opcodeID == op_sub)
subDouble(fpRegT2, fpRegT1);
else if (opcodeID == op_mul)
mulDouble(fpRegT2, fpRegT1);
else {
ASSERT(opcodeID == op_div);
divDouble(fpRegT2, fpRegT1);
}
moveDoubleToPtr(fpRegT1, regT0);
subPtr(tagTypeNumberRegister, regT0);
emitPutVirtualRegister(result, regT0);
end.link(this);
}
void JIT::compileLoadVarargs(Instruction* instruction)
{
int thisValue = instruction[3].u.operand;
int arguments = instruction[4].u.operand;
int firstFreeRegister = instruction[5].u.operand;
killLastResultRegister();
JumpList slowCase;
JumpList end;
bool canOptimize = m_codeBlock->usesArguments()
&& arguments == m_codeBlock->argumentsRegister().offset()
&& !m_codeBlock->symbolTable()->slowArguments();
if (canOptimize) {
emitGetVirtualRegister(arguments, regT0);
slowCase.append(branch64(NotEqual, regT0, TrustedImm64(JSValue::encode(JSValue()))));
emitGetFromCallFrameHeader32(JSStack::ArgumentCount, regT0);
slowCase.append(branch32(Above, regT0, TrustedImm32(Arguments::MaxArguments + 1)));
// regT0: argumentCountIncludingThis
move(regT0, regT1);
neg64(regT1);
add64(TrustedImm32(firstFreeRegister - JSStack::CallFrameHeaderSize), regT1);
lshift64(TrustedImm32(3), regT1);
addPtr(callFrameRegister, regT1);
// regT1: newCallFrame
slowCase.append(branchPtr(Above, AbsoluteAddress(m_vm->interpreter->stack().addressOfEnd()), regT1));
// Initialize ArgumentCount.
store32(regT0, Address(regT1, JSStack::ArgumentCount * static_cast<int>(sizeof(Register)) + OBJECT_OFFSETOF(EncodedValueDescriptor, asBits.payload)));
// Initialize 'this'.
emitGetVirtualRegister(thisValue, regT2);
store64(regT2, Address(regT1, CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register))));
// Copy arguments.
signExtend32ToPtr(regT0, regT0);
end.append(branchSub64(Zero, TrustedImm32(1), regT0));
// regT0: argumentCount
Label copyLoop = label();
load64(BaseIndex(callFrameRegister, regT0, TimesEight, CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register))), regT2);
store64(regT2, BaseIndex(regT1, regT0, TimesEight, CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register))));
branchSub64(NonZero, TrustedImm32(1), regT0).linkTo(copyLoop, this);
end.append(jump());
}
if (canOptimize)
slowCase.link(this);
JITStubCall stubCall(this, cti_op_load_varargs);
stubCall.addArgument(thisValue, regT0);
stubCall.addArgument(arguments, regT0);
stubCall.addArgument(Imm32(firstFreeRegister));
stubCall.call(regT1);
if (canOptimize)
end.link(this);
}